Virus Total Api

Alex_Kefallonitis · April 4, 2017, 3:31pm

I am using bro 2.5 and i cant get this working https://github.com/sooshie/bro-scripts/blob/master/misc/vt_check.bro

I see curl running on request and succefully submitted on virustotal but i get this error:

1490780707.065084 error in /opt/bro/share/bro/bro-extra/vt_check.bro, line 79: no such index (VTCHECK::temp[2])
1490780707.065084 error in /opt/bro/share/bro/bro-extra/vt_check.bro, line 74: no such index (VTCHECK::temp[2])
1490780707.065084 error in /opt/bro/share/bro/bro-extra/vt_check.bro, line 91: value used but not set (VTCHECK::positives)

Anyone made this work or anything similar?

I can’t get either this example working https://www.sans.org/reading-room/whitepapers/detection/detecting-malicious-smb-activity-bro-37472

Thanks in advanced

Topic		Replies	Views
file hashing, and virustotal api Zeek	2	267	May 6, 2022
file hashing, and virustotal api Zeek	1	65	May 6, 2022
Two Questions about Bro Zeek	1	86	May 6, 2022
Bro detecting malicious smtp Zeek	1	86	May 6, 2022
Can't get "Notice::ACTION_EMAIL" to work Zeek	5	82	May 6, 2022

Virus Total Api

Related topics